Software Composition Analyst | Schlumberger

Job Details

Software Composition Analyst

Pune - India

Job description

Job Title: Software Composition Analyst

Location: PuTC, Pune

Company overview

About Schlumberger

Schlumberger is a leading provider of oilfield services, focusing on innovative technologies for reservoir characterization, drilling, and production. We are also a leading employer in the oilfield sector—with a reputation for hiring the best and the brightest people and keeping them at the top of their game through rewarding career-long development opportunities. We leverage strong local experience and the diversity in thought, background, and knowledge that more than 170 nationalities bring.

We employ over 82,000 people and work in more than 120 countries, we help our customers find and produce oil and gas in ways that demonstrate respect for both people and the environment. Today’s industry challenges call for new ideas, techniques, and solutions. If you want to drive your career and want to grow with a company that’s embraced new ways of thinking since 1927, we may have the career for you. Further information about Schlumberger can be found at www.slb.com

About role

We are looking for a Software Composition Analyst in the PuTC SLM-OSS team. The Software Composition Analyst is responsible for analyzing the software composition of the products & services developed by Schlumberger. The Analyst’s goal is to analyze the software to determine the licenses used and work with the teams to address any licensing issues and support the teams through the process. The Analyst will be the liaison between the legal organization, business stakeholders, and the development team in relation to the components included in Schlumberger products/services and their licensing. The Analyst will be part of large globally distributed organization, which is a leading the energy industry forward.

Responsibilities

 

  • Provide accurate and timely services (auditing/analysing codebases) and technical support with respect to software composition analysis tools (e.g., Flexera’s FlexNet Code Insight (FNCI)), including working with various software engineering teams, attorneys, and others (collectively referred to herein as “stakeholders”).
  • Build strong open-source software processes and analysis technologies, to ensure fast development and compliant usage in our products.
  • Advise development teams on implementation, configuration, and integration of compliance software (Flexera, WhiteSource, etc.)
  • Drive increased acceptance and adherence of open-source compliance processes. Participate in the review and approval workflows to facilitate quick comprehension of complex scenarios.
  • Optimize existing solutions and introduce automation wherever possible.
  • Work with stakeholders to conduct and confirm initial software composition scan results.  Initial scan results will include multiple potential matches for files and code snippets, and the candidate will work with the product team to perform research to determine the origin of third-party code, including open source.
  • Candidate will work with the stakeholders to identify and manage Common Vulnerabilities and Exposure (CVE) as identified in the scans.
  • The candidate needs to ensure that the first scan of a product needs to establish a “Baseline”. Subsequent scans will be “delta scans” from the baseline, to identify new third-party code that has been subsequently introduced.
  • Work with Legal and Software Lifecycle Management (SLM) teams to establish, maintain, and provide training to the development community for the following:
    • The governance process relating to the software composition analysis (e.g., a process for product teams to request new third-party software usage).
    • Best practices for implementing software composition and CVE reviews within our software development process (especially for DevOps/Cloud).
    • Software usage policies with assistance of IP Legal as needed (i.e., “whitelists” / “blacklists” of third-party software).
    • Support stakeholders’ ability to automate scans (process may be manual at first, but will eventually be automated, e.g., via REST API’s).
    • Front-line technical support for software composition analysis (including troubleshooting and maintain scanning servers, reports databases).
    • Serve as interface between engineering teams, IP Legal teams, and solution vendor (e.g., Revenera, WhiteSource).
    • Communicate technical requirements to vendors for professional services (e.g., custom development, audit support).
    • Communicate legal-related issues to vendors and stakeholders (third party licenses, CVEs).

Qualifications and Requirements

Required

  • Technical Experience
    • Required:  5+ years of experience as a technical business analyst or software engineer or software component analyst (including open-source analyst)
    • Preferred:  Experience with Web, Digital Services, Business Intelligence/Reporting, Forms/Workflow Automation and/or CRM
  • Bachelor’s degree or equivalent software experience (B.E., B.Tech. or higher).
  • Advanced in Software Composition Analysis, code review, code auditing/analysing, handling change.
  • Own and deliver projects on schedule.
  • Keeping up to date with domain needs.
  • Ability to work on multiple projects at the same time.
  • Exceptional stakeholder management skills: ability to influence and be the trusted advisor.
  • Strong documentation and presentation skills with the ability to tailor content to diverse stakeholders.
  • Mandatory Skills:
    • Knowledge of Open-Source Software/Free Software operations, technologies, and licenses.
    • Experience in performing software audits and identifying legal-related issues (third party licenses, copylefts, etc.).
    • Familiarity with software code scanning tools (e.g., FlexNet, WhiteSource, Black Duck, Palamida) a plus.
    • Technical support experience.

 

Preferred

  • Knowledge of Java Application Servers (Tomcat preferred)
  • Knowledge of MySQL or relational databases (install, support, tuning, debugging)
  • Intermediate Linux skills (installation, command line, process management, etc.)
  • Familiarity with static analysis tools (Coverity, Fortify, Findbugs, etc.)
  • Customer focused, service orientated and communicates effectively with stakeholders
  • Strong understanding of business needs
  • Ability to influence the organization to "get things done"
  • Able to think logically and analyze complex problems
  • Detailed, accurate & methodical
  • Strong interpersonal skills
  • Excellent communication skills (written & oral)
  • Works well with all personality types
  • Fluent in English

Schlumberger as an employer

As a leading employer in our industry, Schlumberger is proud to offer a highly competitive package of base and incentive compensation as well as a comprehensive benefits program designed to support the health, wellness and financial security of our employees and their families. Schlumberger is an equal employment opportunity employer. Qualified applicants are considered without regard to race, color, religion, sex, national origin, age, disability, status as a protected veteran or other characteristics protected by law.

 

Software Composition Analyst
Log in to apply for this position today.
Apply Now

Share This